Google oauth via devise 和omniauth/oauth 不断请求访问
我可以将 devise 与omniauth(oauth NOT openid)和 devise.rb 配置一起使用,如下所示:
config.omniauth :google, KEY, SECRET
它正确地重定向到google以请求许可(并返回)...
但不幸的是它总是这样做。它应该(我相信)知道我刚刚授权了使用谷歌的权限,并且应该在第一次之后跳过该重定向到谷歌。关于如何让它发挥作用有什么建议吗?
我所说的许可是:“网站 blah.com 正在请求访问您的 Google 帐户以获取下列产品”。我不希望此页面总是重新出现。
I can use devise with omniauth (oauth NOT openid) and a devise.rb config like this:
config.omniauth :google, KEY, SECRET
and it correctly does the redirection to google to ask permission (and returns)...
but unfortunately it always does that. It should (I believe) know that I just authorized permissions to use google and should skip that redirection to google after the first time. Any suggestions on how to get this working?
The permissioning I'm talking about is: "The site blah.com is requesting access to your Google Account for the product(s) listed below". I don't want this page to always reappear.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(6)
您需要自己实现回调 - Devise 和 Omniauth 默认情况下都不为您提供这些回调。它将负责将用户发送到您的 OAuth 端点并确保他返回,但它不会消耗已发送的信息和/或让用户登录。
这些事情由您来完成。
Devise 有一个关于创建简单回调控制器的 wiki 页面: https://github.com/ plataformatec/devise/wiki/OmniAuth:-概述
Ryan Bates 有一个关于制作更通用回调控制器的 Railscast:http://railscasts.com/episodes/236-omniauth-part-2
我还写了一篇关于通用回调控制器的文章:http://blog.impaled.org /code/2011/2/devise-1-2-with-omniauth-on-rails.html
You need to implement callbacks yourself - neither Devise nor Omniauth provide these for you by default. It will take care of sending the user to your OAuth endpoint and make sure he returns, but it will not consume the information that was sent and/or log the user in.
It's up to you to do these things.
Devise has a wiki page on creating a simple callback controller: https://github.com/plataformatec/devise/wiki/OmniAuth:-Overview
Ryan Bates has a Railscast on doing a more generic callback controller: http://railscasts.com/episodes/236-omniauth-part-2
And I've had a write-up for a generic callback controller as well: http://blog.impaled.org/code/2011/2/devise-1-2-with-omniauth-on-rails.html
我升级到最新的omniauth/devise gems并使用google_oauth2 gem(这太棒了!)。
因此,我能够解决我的问题,因为 gem 的创建者添加了一个 parm 来防止重新验证。
请参阅此处
I upgraded to the latest omniauth/devise gems and used google_oauth2 gem (which is awesome!).
Because of this I was able to get past my issue because the creator of the gem added a parm to prevent re-auth.
See here
查看:
https://github.com/intridea/omniauth/pull/342
Google 要求我们换成长期身份验证令牌,但我不确定是否有一种干净的方法可以使用omniauth + devise来做到这一点。
Check:
https://github.com/intridea/omniauth/pull/342
Google requires that we swap out for a long term auth token, but I'm not sure there is a clean way to do this with omniauth + devise.
使用omniauth-google-oauth2,我发现您必须将其设置
为线路上的选项
,否则它默认为“强制”,这对我造成了同样的问题。
通过阅读本页上有关approval_prompt的部分推断出这一点: https://github.com/ plataformatec/devise/wiki/OmniAuth:-概述
With omniauth-google-oauth2 I found you have to set
as an option on your line
or it defaults to 'force' instead, which caused the same problem for me.
Deduced this from reading the part about approval_prompt on this page: https://github.com/plataformatec/devise/wiki/OmniAuth:-Overview
我遇到了一个问题,每次登录都会向用户请求相同的权限。我通过将
access_type: "offline"和approval_prompt: ""添加到我的config文件夹中的devise.rb如下:上面的范围允许我查看有关用户及其电子邮件地址的基本信息。
希望这有帮助。
I had the issue where it would request the same permissions from the user each log in. I solved it by adding the
access_type: "offline"andapproval_prompt: ""to mydevise.rbin theconfigfolder as follows:The scope above allows me to see basic info about the user and their email address.
Hope this helps.
您必须通过 Google API 控制台启用“通讯录 API”和“Google+ API”
You must enable the "Contacts API" and "Google+ API" via the Google API console